* david rankin
Is there a hosts.deny scheme I can use? Is there a program that can capture the IPs from the log files and automate the process?
http://denyhosts.sourceforge.net/faq.html edit /etc/denyhosts.cfg and set the parameters to *very* low numbers. ie: DENY_THRESHOLD_INVALID = 2 # failed login attempts HOSTNAME_LOOKUP=NO # uses resources set purge values to lengthy times Run in daemon mode with minimal sleep time (configurable in the cfg file, default is 30 seconds. You might consider 10 seconds or less). note: I run in daemon mode at 30 seconds. I do not know what performance hits would come from less time. When the unwanted activity seems to have abated sufficiently, you might reconsider the lengthy purge value times. Your call, I wouldn't. -- Patrick Shanahan Registered Linux User #207535 http://wahoo.no-ip.org @ http://counter.li.org HOG # US1244711 Photo Album: http://wahoo.no-ip.org/gallery2